Jetbrains | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Kategori: Jetbrains - CVE listesi
VENDOR 90 kayıt
Low CVSS: 3.1

CVE-2025-67739

In JetBrains TeamCity before 2025.11.2 improper repository URL validation could lead to local paths disclosure
Low CVSS: 2.7

CVE-2025-64773

In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit
High CVSS: 8.1

CVE-2025-64685

In JetBrains YouTrack before 2025.3.104432 missing TLS certificate validation enabled data disclosure
Medium CVSS: 4.3

CVE-2025-64684

In JetBrains YouTrack before 2025.3.104432 information disclosure was possible via the feedback form
Medium CVSS: 5.3

CVE-2025-64683

In JetBrains Hub before 2025.3.104432 information disclosure was possible via the Users API
Low CVSS: 2.7

CVE-2025-64682

In JetBrains Hub before 2025.3.104432 a race condition allowed bypass of the Agent-user limit
Low CVSS: 2.7

CVE-2025-64681

In JetBrains Hub before 2025.3.104992 a race condition allowed bypass of the user limit via invitations
Medium CVSS: 4.2

CVE-2025-64457

In JetBrains ReSharper, Rider and dotTrace before 2025.2.5 local privilege escalation was possible via race condition
High CVSS: 8.4

CVE-2025-64456

In JetBrains ReSharper before 2025.2.4 missing signature verification in DPA Collector allows local privilege escalation
High CVSS: 8.3

CVE-2025-59458

In JetBrains Junie before 252.284.66, 251.284.66, 243.284.66, 252.284.61, 251.284.61, 243.284.61, 252.284.50, 252.284.54, 251.284.54, 251.284.50, 243.284.54, 243.284.50 code execution was possible due to improper command validation
High CVSS: 7.7

CVE-2025-59457

In JetBrains TeamCity before 2025.07.2 missing Git URL validation allowed credential leakage on Windows
Medium CVSS: 5.5

CVE-2025-59456

In JetBrains TeamCity before 2025.07.2 path traversal was possible during project archive upload
Medium CVSS: 4.2

CVE-2025-59455

In JetBrains TeamCity before 2025.07.2 project isolation bypass was possible due to race condition
Medium CVSS: 4.3

CVE-2025-57734

In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files
Medium CVSS: 5.5

CVE-2025-57733

In JetBrains TeamCity before 2025.07.1 sMTP injection was possible allowing modification of email content
High CVSS: 7.5

CVE-2025-57732

In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership
High CVSS: 8.7

CVE-2025-57731

In JetBrains YouTrack before 2025.2.92387 stored XSS was possible via Mermaid diagram content
Medium CVSS: 5.2

CVE-2025-57730

In JetBrains IntelliJ IDEA before 2025.2 hTML injection was possible via Remote Development feature
Medium CVSS: 6.5

CVE-2025-57729

In JetBrains IntelliJ IDEA before 2025.2 unexpected plugin startup was possible due to automatic LSP server start
Medium CVSS: 6.5

CVE-2025-57728

In JetBrains IntelliJ IDEA before 2025.2 improper access control allowed Code With Me guest to discover hidden files